Vulnerabilities > Freerdp > Freerdp > 1.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-20 | CVE-2018-1000852 | Out-of-bounds Read vulnerability in multiple products FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. | 6.5 |
| 2018-11-29 | CVE-2018-8789 | Out-of-bounds Read vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). | 5.0 |
| 2018-11-29 | CVE-2018-8788 | Out-of-bounds Write vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. | 7.5 |
| 2018-11-29 | CVE-2018-8787 | Integer Overflow or Wraparound vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. | 7.5 |
| 2018-11-29 | CVE-2018-8786 | Incorrect Conversion between Numeric Types vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. | 9.8 |
| 2018-11-29 | CVE-2018-8785 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. | 7.5 |
| 2018-11-29 | CVE-2018-8784 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. | 7.5 |
| 2016-10-03 | CVE-2013-4119 | NULL Pointer Dereference vulnerability in Freerdp 1.0.0/1.0.1/1.0.2 FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished. | 5.0 |
| 2016-10-03 | CVE-2013-4118 | NULL Pointer Dereference vulnerability in multiple products FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | 5.0 |
| 2014-11-16 | CVE-2014-0250 | Numeric Errors vulnerability in multiple products Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. | 7.5 |